Insights
Search Results
Alerts
5.05.26
What’s Next for Age Assurance Laws in Europe?
Developments in law, regulatory guidance, and enforcement practice across Europe are leading to meaningful changes in how online services are offered to minors. A steady stream of announcements in recent months makes clear that this area will continue to develop at pace, requiring providers of online services to keep their approach to age assurance under regular review.
Alerts
12.11.25
CJEU Rules on Online Marketplaces’ Liability for User Content Under the GDPR
On December 2, 2025, the Court of Justice of the EU (CJEU) in X v Russmedia Digital SRL (C-492/23), ruled that the operator of an online marketplace, as a data controller, is responsible for the processing of personal data contained in advertisements published on its platform, and cannot rely on the hosting liability safe harbor to avoid responsibility for General Data Protection Regulation (GDPR) infringements arising from unlawful processing.
Alerts
5.15.25
EU Commission Launches DSA Consultation on the Protection of Minors Online
On May 13, 2025, the European Commission (EC) published draft guidelines on the protection of minors online. The guidelines outline the proposed measures that the EC expects online platforms accessible to minors to take to protect minors’ privacy, safety, and security in line with requirements under the Digital Services Act (DSA).
Alerts
1.09.25
Increased Focus on the Protection of Minors and Age Verification in the EU and the UK
Legislators and regulators across the European Union (EU) and the United Kingdom (UK) are intensifying efforts to enhance the protection of minors online, responding to growing concerns about children's safety in the digital space. Recent regulations (including the EU Digital Services Act) and guidance impose increasingly strict obligations for providers to restrict access to harmful content for children.
Bylined Articles
12.17.24
EU Regulatory Trends Impacting Companies Using Third-Party AI Tools
Wilson Sonsini partner Laura De Boel and associate Marie Catherine Ducharme recently co-authored a chapter titled “EU Regulatory Trends Impacting Companies Using Third-Party AI Tools” that appeared in The L Suite’s Using Generative AI guide.
The chapter discusses the AI Act—the latest addition to the complex European regulatory landscape that entered into force in August 2024 and will begin to apply in phases as of February 2, 2025—which imposes strict requirements for certain uses of AI. Specifically, it seeks to help companies navigate the complex EU regulatory framework as they integrate third-party AI tools into their businesses. In addition to providing background on the AI Act and exploring what it means in practice, the chapter examines the application of the General Data Protection Regulation (GDPR), the ePrivacy Directive, the Digital Services Act (DSA), and the UK Online Safety Act (OSA) to the use of AI tools.
To read the full chapter, please click here.
The chapter discusses the AI Act—the latest addition to the complex European regulatory landscape that entered into force in August 2024 and will begin to apply in phases as of February 2, 2025—which imposes strict requirements for certain uses of AI. Specifically, it seeks to help companies navigate the complex EU regulatory framework as they integrate third-party AI tools into their businesses. In addition to providing background on the AI Act and exploring what it means in practice, the chapter examines the application of the General Data Protection Regulation (GDPR), the ePrivacy Directive, the Digital Services Act (DSA), and the UK Online Safety Act (OSA) to the use of AI tools.
To read the full chapter, please click here.
Alerts
7.25.24
New Enforcement Powers for the French Data Protection Authority (CNIL)
On May 21, 2024, France adopted law No. 2024-449 to secure and regulate the digital space. This law grants new enforcement powers and authority to the French Data Protection Authority (CNIL), including to seize documents, record declarations during dawn raids, and enforce certain provisions of the Digital Services Act (DSA) and the Digital Governance Act (DGA).
Alerts
5.21.24
EU AI Act Is Now Adopted
On May 21, 2024, the Council of the European Union (the Council) formally signed off on the latest draft of the European Union’s (EU) Artificial Intelligence Act (AI Act) (see the press release here). This marks the final seal of approval from the EU legislators. The text will officially become law once it is signed by Presidents of the European Parliament and of the Council and published in the Official Journal of the EU. This could take place within the next two to four weeks. However, the law will have phased effective dates, with the first obligations (i.e., the rules on prohibited AI systems) becoming effective at the end of this year.
Alerts
4.23.24
French Data Protection Authority Publishes Recommendations on the Development of AI Systems: Seven Takeaways
On April 8, 2024, the French Data Protection Authority (CNIL) published recommendations on the development phase of artificial intelligence (AI) systems1 (Recommendations). They are the first set of recommendations designed to guide the various players in the AI ecosystem on how to apply the General Data Protection Regulation (GDPR) to the development of AI systems. The Recommendations are relevant to providers and users of AI systems who process personal data as part of the development of such systems, including fine-tuning already-existing AI systems.
News Articles
4.17.24
Laura De Boel and Marie-Catherine Ducharme Publish EU Artificial Intelligence (AI) Act Implementation: A Guide to Risks and Timeline
Partner Laura De Boel and associate Marie-Catherine Ducharme have authored the EU Artificial Intelligence (AI) Act Implementation: A Guide to Risks and Timeline. The European Union's (EU) long awaited Artificial Intelligence Act (AI Act) was approved by vote of the European Parliament in March 2024, sending it into the final stages of the EU's legislative process towards its entry into force. The guide outlines what companies should know, how they should start assessing how the new rules will affect their use of AI, and which new requirements they will need to comply with.